CVE-2025-34185

Description

Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains a pre-authentication file disclosure vulnerability via the db_log POST parameter. Remote attackers can retrieve arbitrary files from the server, exposing sensitive system information and credentials.